“Ghost” Vulnerability Discovered in Linux

On January 27, 2015, a buffer overflow flaw—dubbed “Ghost”—was discovered in the Linux GNU C Library (glibc) versions 2.2 and other 2.x versions before 2.18. It allows remote code execution via the gethostbyname*() functions. Researchers initially identified clockdiff, procmail, pppd, and the Exim mail server software as attack vectors. Later findings, however, showed that an attacker can use Ghost to remotely control affected web servers via PHP web applications like WordPress. With PHP in the picture, the range of attack vectors increased significantly.
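
An added example, not from the original article: a shell check that classifies a glibc version string against the affected range given above (2.2 up to, but not including, 2.18). The function name ghost_range and the sample strings are assumptions made for this illustration; the local version is read with getconf GNU_LIBC_VERSION.

```shell
#!/bin/sh
# Added example: classify a glibc version string against the range this
# article gives for Ghost (2.2 and later 2.x versions before 2.18).

# ghost_range VERSION_STRING  (hypothetical helper name)
# Prints "in-range", "out-of-range" or "unknown".
ghost_range() {
    # Pull the first MAJOR.MINOR pair out of strings such as "glibc 2.17",
    # "2.12.2" or "ldd (GNU libc) 2.5".
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\)\.\([0-9][0-9]*\).*$/\1 \2/p' |
        head -n 1)
    if [ -z "$ver" ]; then
        echo unknown
        return 0
    fi
    major=${ver% *}
    minor=${ver#* }
    # Compare the fields as integers. Compared as text, "2.9" would sort
    # after "2.18" and an affected system would be reported as safe.
    if [ "$major" -eq 2 ] && [ "$minor" -ge 2 ] && [ "$minor" -lt 18 ]; then
        echo in-range
    else
        echo out-of-range
    fi
}

# Constructed sample strings, to show the parsing and the boundaries.
for sample in "glibc 2.9" "glibc 2.17" "glibc 2.18" "ldd (GNU libc) 2.31"; do
    echo "$sample -> $(ghost_range "$sample")"
done

# The local system. getconf GNU_LIBC_VERSION prints e.g. "glibc 2.17";
# on systems without glibc it fails and the result is "unknown".
local_ver=$(getconf GNU_LIBC_VERSION 2>/dev/null || true)
echo "local: ${local_ver:-not reported} -> $(ghost_range "$local_ver")"
```

An in-range result is a prompt to check the distribution's advisory for the installed glibc package, since vendors commonly backport fixes without changing the upstream version number.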